Google Says Android Malware Fears Overblown

Google’s chief of security for Android Adrian Ludwig believes the hype over malware targeting the popular devices are overstated, and that the open architecture that allows anyone to develop and market an application is superior to more restrictive processes offered by competitors like Apple.

Ludwig made the statements at last week’s Virus Bulletin conference in Berlin, noting that data shows that only 0.001% of applications available pose any risk to users, data, or Android devices, and that the latitude granted developers furthers innovation.

“A walled garden systems approach blocking predators and disease breaks down when rapid growth and evolution creates too much complexity. Android’s innovation from inside and outside Google are continuous, making it impossible to create such a walled garden by locking down Android at the device level,” Ludwig said.

He compares Google’s approach to monitoring malware as akin to the role the Center for Disease Control (CDC) plays in public health.

“These vulnerabilities when exploited allow an attacker to utilize Vulna’s risky and aggressive functionality to conduct malicious activity, such as turning on the camera and taking pictures without user’s knowledge, stealing two-­factor authentication tokens sent via SMS, or turning the device into part of a botnet,” the researchers determined.